Improved indifferentiability security bound for the JH mode

dc.contributor.author Moody, Dustin; Paul, Souradyuti; Smith-Tone, Daniel
dc.date.accessioned 2016-05-21T12:08:54Z
dc.date.available 2016-05-21T12:08:54Z
dc.date.issued 2016-05
dc.identifier.citation Moody, Dustin; Paul, Souradyuti and Smith-Tone, Daniel, "Improved indifferentiability security bound for the JH mode", Designs, Codes and Cryptography, DOI: 10.1007/s10623-015-0047-9, vol. 79, no. 2, pp. 237-259, May 2016. en_US
dc.identifier.issn 0925-1022
dc.description.abstract Indifferentiability security of a hash mode of operation guarantees the mode's resistance against all generic attacks. It is also useful for establishing the security of protocols that use hash functions as random functions. The JH hash function was one of the five finalists in the National Institute of Standards and Technology SHA-3 hash function competition. Despite several years of analysis, the indifferentiability security of the JH mode has remained remarkably low, only at n/3 bits, while the two finalist modes Keccak and Grøstl offer a security guarantee of n/2 bits. Note that all three of these modes operate with an n-bit digest and a 2n-bit permutation. In this paper, we improve the indifferentiability security bound for the JH mode to n/2 bits (e.g. from approximately 171 to 256 bits when n=512). To put this into perspective, our result guarantees the absence of (non-trivial) attacks on both the JH-256 and JH-512 hash functions with time less than approximately 2^256 computations of the underlying 1024-bit permutation, under the assumption that the underlying permutation can be modeled as an ideal permutation. Our bound is optimal for JH-256, and the best known for JH-512. We obtain this improved bound by establishing an isomorphism of certain query-response graphs through a careful design of the simulators and bad events. Our experimental data strongly supports the theoretically obtained results. en_US
dc.description.statementofresponsibility by Dustin Moody, Souradyuti Paul and Daniel Smith-Tone
dc.format.extent vol. 79, no. 2, pp. 237-259
dc.language.iso en en_US
dc.publisher Springer en_US
dc.subject Indifferentiability en_US
dc.subject Security en_US
dc.subject Hash functions en_US
dc.subject JH mode of operation en_US
dc.title Improved indifferentiability security bound for the JH mode en_US
dc.type Article en_US
dc.relation.journal Designs, Codes and Cryptography
